e6aef9fa70
The reported memory leak should have been spotted by make memcheck But it wasn't. Keeping the tests for better coverage.
268 lines
10 KiB
Plaintext
268 lines
10 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include "mbedtls/rsa.h"
|
|
#include "mbedtls/md.h"
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char *input_N, int radix_E,
|
|
char *input_E, int hash,
|
|
char *message_hex_string, char *seed,
|
|
char *result_hex_str, int result )
|
|
{
|
|
unsigned char message_str[1000];
|
|
unsigned char output[1000];
|
|
unsigned char output_str[1000];
|
|
unsigned char rnd_buf[1000];
|
|
mbedtls_rsa_context ctx;
|
|
size_t msg_len;
|
|
rnd_buf_info info;
|
|
|
|
info.length = unhexify( rnd_buf, seed );
|
|
info.buf = rnd_buf;
|
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
|
|
memset( message_str, 0x00, 1000 );
|
|
memset( output, 0x00, 1000 );
|
|
memset( output_str, 0x00, 1000 );
|
|
|
|
ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
|
|
|
msg_len = unhexify( message_str, message_hex_string );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
|
|
if( result == 0 )
|
|
{
|
|
hexify( output_str, output, ctx.len );
|
|
|
|
TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_rsa_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char *input_P,
|
|
int radix_Q, char *input_Q, int radix_N,
|
|
char *input_N, int radix_E, char *input_E,
|
|
int hash, char *result_hex_str, char *seed,
|
|
char *message_hex_string, int result )
|
|
{
|
|
unsigned char message_str[1000];
|
|
unsigned char output[1000];
|
|
unsigned char output_str[1000];
|
|
mbedtls_rsa_context ctx;
|
|
mbedtls_mpi P1, Q1, H, G;
|
|
size_t output_len;
|
|
rnd_pseudo_info rnd_info;
|
|
((void) seed);
|
|
|
|
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
|
|
|
|
memset( message_str, 0x00, 1000 );
|
|
memset( output, 0x00, 1000 );
|
|
memset( output_str, 0x00, 1000 );
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
|
|
|
ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_gcd( &G, &ctx.E, &H ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
|
|
|
unhexify( message_str, message_hex_string );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, 1000 ) == result );
|
|
if( result == 0 )
|
|
{
|
|
hexify( output_str, output, ctx.len );
|
|
|
|
TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &H ); mbedtls_mpi_free( &G );
|
|
mbedtls_rsa_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void pkcs1_rsassa_v15_sign( int mod, int radix_P, char *input_P, int radix_Q,
|
|
char *input_Q, int radix_N, char *input_N,
|
|
int radix_E, char *input_E, int digest, int hash,
|
|
char *message_hex_string, char *salt,
|
|
char *result_hex_str, int result )
|
|
{
|
|
unsigned char message_str[1000];
|
|
unsigned char hash_result[1000];
|
|
unsigned char output[1000];
|
|
unsigned char output_str[1000];
|
|
unsigned char rnd_buf[1000];
|
|
mbedtls_rsa_context ctx;
|
|
mbedtls_mpi P1, Q1, H, G;
|
|
size_t msg_len;
|
|
rnd_buf_info info;
|
|
|
|
info.length = unhexify( rnd_buf, salt );
|
|
info.buf = rnd_buf;
|
|
|
|
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
|
|
|
|
memset( message_str, 0x00, 1000 );
|
|
memset( hash_result, 0x00, 1000 );
|
|
memset( output, 0x00, 1000 );
|
|
memset( output_str, 0x00, 1000 );
|
|
|
|
ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_gcd( &G, &ctx.E, &H ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
|
|
|
msg_len = unhexify( message_str, message_hex_string );
|
|
|
|
if( mbedtls_md_info_from_type( digest ) != NULL )
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result );
|
|
if( result == 0 )
|
|
{
|
|
hexify( output_str, output, ctx.len);
|
|
|
|
TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &H ); mbedtls_mpi_free( &G );
|
|
mbedtls_rsa_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void pkcs1_rsassa_v15_verify( int mod, int radix_N, char *input_N, int radix_E,
|
|
char *input_E, int digest, int hash,
|
|
char *message_hex_string, char *salt,
|
|
char *result_hex_str, int result )
|
|
{
|
|
unsigned char message_str[1000];
|
|
unsigned char hash_result[1000];
|
|
unsigned char result_str[1000];
|
|
mbedtls_rsa_context ctx;
|
|
size_t msg_len;
|
|
((void) salt);
|
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
|
|
memset( message_str, 0x00, 1000 );
|
|
memset( hash_result, 0x00, 1000 );
|
|
memset( result_str, 0x00, 1000 );
|
|
|
|
ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
|
|
|
msg_len = unhexify( message_str, message_hex_string );
|
|
unhexify( result_str, result_hex_str );
|
|
|
|
if( mbedtls_md_info_from_type( digest ) != NULL )
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
|
|
|
|
exit:
|
|
mbedtls_rsa_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void pkcs1_rsassa_v15_verify_ext( int mod,
|
|
int radix_N, char *input_N,
|
|
int radix_E, char *input_E,
|
|
int msg_digest_id, int ctx_hash,
|
|
int mgf_hash, int salt_len,
|
|
char *message_hex_string,
|
|
char *result_hex_str,
|
|
int result_simple,
|
|
int result_full )
|
|
{
|
|
unsigned char message_str[1000];
|
|
unsigned char hash_result[1000];
|
|
unsigned char result_str[1000];
|
|
mbedtls_rsa_context ctx;
|
|
size_t msg_len, hash_len;
|
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, ctx_hash );
|
|
memset( message_str, 0x00, 1000 );
|
|
memset( hash_result, 0x00, 1000 );
|
|
memset( result_str, 0x00, 1000 );
|
|
|
|
ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
|
|
|
msg_len = unhexify( message_str, message_hex_string );
|
|
unhexify( result_str, result_hex_str );
|
|
|
|
if( msg_digest_id != MBEDTLS_MD_NONE )
|
|
{
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ),
|
|
message_str, msg_len, hash_result ) == 0 );
|
|
hash_len = 0;
|
|
}
|
|
else
|
|
{
|
|
memcpy( hash_result, message_str, msg_len );
|
|
hash_len = msg_len;
|
|
}
|
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
|
msg_digest_id, hash_len, hash_result,
|
|
result_str ) == result_simple );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
|
msg_digest_id, hash_len, hash_result,
|
|
mgf_hash, salt_len,
|
|
result_str ) == result_full );
|
|
|
|
exit:
|
|
mbedtls_rsa_free( &ctx );
|
|
}
|
|
/* END_CASE */
|